Vigil@nce - Xen: denial of service via AMD Erratum 793
December 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker in a Xen guest system can generate the AMD Erratum 793
error, in order to trigger a denial of service.
– Impacted products: Fedora, Unix (platform)
– Severity: 2/4
– Creation date: 02/12/2013
DESCRIPTION OF THE VULNERABILITY
The Xen product can be installed on an AMD processor.
The error AMD Erratum 793 "Specific Combination of Writes to Write
Combined Memory Types and Locked Instructions May Cause Core Hang"
stops the processor. However, an attacker in a Xen guest system
can trigger this fatal error on the host.
An attacker in a Xen guest system can therefore generate the AMD
Erratum 793 error, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Xen-denial-of-service-via-AMD-Erratum-793-13856